Rutracker is blocked in transit traffic for foreign users

As is known, from January 25, 2016, Russian providers block requests to rutracker.org. Most users use various ways to bypass the blocking, of which there are quite a few: VPN, proxy servers, browser extensions, etc. Rutracker mirrors are still available. Statistics records only a slight decrease in attendance, this can be explained by the fact that many users are now counted as one, because they use the aforementioned ways to bypass the block.

Interestingly, in the last few days (from about February 25), some residents of other countries, for whom Rutracker also became unavailable, have suffered from the decision of the Moscow City Court. The fact is that since February 25, a part of foreign traffic went through networks in Moscow, although the senders and the recipient of the request (Rutracker) are abroad.

The reason for this is even more interesting: to protect against DDoS attacks, the owners of Rutracker, apparently, used the services of a Russian company!

The situation is explained by security specialist Daniel Ginsburg.
')

A few days ago (according to information from RIPE BGPlay from the 25th of this month), apparently under attack, rutracker.org used the services of anti-ddos of the company ddos-guard.net. For this, the AS47105 (autonomous root-tracker system) modified the BGP announcements so that the traffic went through AS57724 (the DDOS-cleaning network) and AS262254 (the delivery network of the cleared traffic).

AS57724 announces customer networks to a number of upstream providers, including AS9002 (ReTN) and AS20485 (Transtelecom). The junction point of the ddos-guard and these networks is in Moscow. This led to the fact that the traffic of some users, finding outside the Russian Federation, to rutracker.org, which is also located outside the Russian Federation, began to pass through the territory of the Russian Federation.

ReTN comes with transit traffic honestly and does not apply censorship filters to it. And TTK is not very concerned about selectivity and filters transit in accordance with the prescriptions of Russian censorship agencies. As a result, rutracker.org became unavailable for some foreign networks (I am aware of certain problems in the USA, Italy, Ukraine, Israel, France).

Although Internet censorship is unnatural to the nature of the Network, it still does some damage. “DDoS, routing policies and censorship filters converge in a vicious chain of interactions, and bang, we suddenly see non-local effects that affect those whom, in theory, should not have been affected,” says the specialist. - Censor filters turn the Internet into a technological minefield. They introduce additional interactions that are difficult, and often impossible, to analyze ahead of time. They break the mechanisms that we use to solve other independent (and important!) Tasks. Censorship doesn’t damage the net, and the damage is real. Mitigation neither easy nor costless. ”

UPD. Comment Rutracker

I confirm the problem!

At the moment it should be practically solved. (thanks to ddos-guard.net!)

Indeed, the Russian backbone operators began to filter transit traffic for "forbidden" sites.

As for DDoS Guard, there are several reasons why we cooperate with them. And their Russian origin is not only a minus, but also a plus - because driving traffic to clean up somewhere in the Netherlands or the USA would mean double or even triple delays for users in terms of speed.

The fact is that protection against DDoSs is a rather painstaking work that requires joint, sometimes very non-standard and operational solutions from both sides. In this regard, it’s not a fact that a foreign company would be so flexible and convenient than a domestic one, which is also well-versed in the “features of national routing”.